Click here to download all references as Bib-File.•
2021-05-13
⋅
DomainTools
⋅
Domain Blooms: Identifying Domain Name Themes Targeted By Threat Actors |
2021-04-22
⋅
splunk
⋅
SUPERNOVA Redux, with a Generous Portion of Masquerading SUPERNOVA |
2021-04-21
⋅
splunk
⋅
Monitoring Pulse Connect Secure With Splunk (CISA Emergency Directive 21-03) |
2021-04-05
⋅
Huntress Labs
⋅
From PowerShell to Payload: An Analysis of Weaponized Malware |
2021-03-26
⋅
Imperva
⋅
Imperva Observes Hive of Activity Following Hafnium Microsoft Exchange Disclosures CHINACHOPPER |
2021-03-12
⋅
splunk
⋅
Detecting Microsoft Exchange Vulnerabilities - 0 + 8 Days Later… |
2021-03-09
⋅
YouTube (John Hammond)
⋅
HAFNIUM - Post-Exploitation Analysis from Microsoft Exchange CHINACHOPPER |
2021-03-03
⋅
Huntress Labs
⋅
Rapid Response: Mass Exploitation of On-Prem Exchange Servers CHINACHOPPER HAFNIUM |
2021-03-01
⋅
YouTube (John Hammond)
⋅
Mozi Malware - Finding Breadcrumbs... Mozi |
2021-02-24
⋅
McAfee
⋅
Technical Analysis of Babuk Ransomware Babuk |
2021-01-28
⋅
Huntress Labs
⋅
Analyzing Ryuk Another Link in the Cyber Attack Chain BazarBackdoor Ryuk |
2021-01-12
⋅
BrightTALK (FireEye)
⋅
UNC2452: What We Know So Far Cobalt Strike SUNBURST TEARDROP |
2021-01-08
⋅
splunk
⋅
A Golden SAML Journey: SolarWinds Continued SUNBURST |
2021-01-04
⋅
splunk
⋅
Detecting Supernova Malware: SolarWinds Continued SUPERNOVA |
2020-12-30
⋅
Recorded Future
⋅
SOLARWINDS ATTRIBUTION: Are We Getting Ahead of Ourselves? An Analysis of UNC2452 Attribution SUNBURST |
2020-12-20
⋅
CitizenLab
⋅
The Great iPwn Journalists Hacked with Suspected NSO Group iMessage ‘Zero-Click’ Exploit Chrysaor |
2020-12-17
⋅
splunk
⋅
Onboarding Threat Indicators into Splunk Enterprise Security: SolarWinds Continued SUNBURST |
2020-12-15
⋅
Corelight
⋅
Finding SUNBURST Backdoor with Zeek Logs & Corelight SUNBURST |
2020-12-13
⋅
FireEye
⋅
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor SUNBURST SUPERNOVA TEARDROP UNC2452 |
2020-12-13
⋅
Microsoft
⋅
Important steps for customers to protect themselves from recent nation-state cyberattacks |